How authentication works
All API requests require authentication using an API key passed in theX-API-Key
header.
When you make a request, SignatureAPI validates your API key and determines which account and environment (test or live) the request should access.
Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Getting your API key
You can get a free test API key to try out SignatureAPI and set up your workflow:1
Sign Up
Sign up for a free account on SignatureAPI.
2
Get your API key
Navigate to the SignatureAPI Dashboard and copy your test API key from the API Keys section.
Making authenticated requests
Include your API key in theX-API-Key
header with every request. Here’s how to authenticate when creating an envelope:
API key types
SignatureAPI provides different API key types for different environments:Key Type | Format | Purpose |
---|---|---|
Test keys | key_test_... | Development and testing without real legal consequences |
Live keys | key_live_... | Production use with legally-binding documents |
Test mode benefits
Test API keys let you create test envelopes, perfect for trying out your workflows. Envelopes in test mode:- Don’t send emails to recipients (you can preview them in your dashboard)
- Are not legally-binding, so no legal obligations arise during testing
- Are completely free to use
- Have all the same API functionality as live mode
Authentication errors
When authentication fails, you’ll receive specific error responses to help you diagnose the issue:Invalid API Key
The API key provided is not valid or improperly formatted.- Missing or incomplete API key
- API key not passed in the
X-API-Key
header - Typos in the API key value
Forbidden Access
HTTP Status Code: 403 Your API key is valid but doesn’t have permission to access the requested resource.- Using an API key from a different account
- Insufficient permissions for the requested operation
Test/Live Mode Mismatch
HTTP Status Code: 404 You’re trying to access a resource with the wrong environment key (test vs live).- Using a test API key to access live resources
- Using a live API key to access test resources
Next steps
Now that you understand authentication, you’re ready to:- Create your first envelope using the API
- Explore the API playground to test requests interactively